Documente Academic
Documente Profesional
Documente Cultură
Networks and
Security Solutions
for Partner
Engineers
Course Objectives
Upon completion of this course, you will be able to:
Describe the competitive positioning of Cisco small and midsize business solutions
Describe the Cisco Borderless Networks and Security solutions for small and midsize
customers
Describe the business benefits for small and midsize customers of adopting Cisco
Borderless Networks and Security solutions
Identify the appropriate Borderless Networks and Security solution to match customer
needs
Articulate the value of Cisco Borderless Networks and Security solutions over the
competition
Describe technical considerations for Cisco Borderless Networks and Security solutions for
small and midsize business customers
Describe plan, design, and build considerations for Cisco Borderless Networks and
Security solutions for small and midsize business customers
Cisco Confidential
Course Outline
The learning objectives will be covered in the following modules:
Cisco Confidential
Cisco
Borderless
Networks and
Security
Competitive
Positioning for
Partner
Engineers
Cisco Confidential
Module Objectives
Upon completion of this module, you will be able to:
Describe the Cisco Borderless Network and Security solutions for small
and midsize customers
Cisco Confidential
Outline
The learning objectives will be covered in the following sections:
Cisco
Benefits
Competing
Cisco Confidential
Cisco Borderless
Network and Security
Solutions for Small
and Midsize Business
Customers
IT Consumerization
External-Facing Internal
Apps
Apps
Device Border
Video / Cloud
Application
Border
IaaS,SaaS
Cisco Confidential
Borderless
Networks
Security
Collaboration
Data Center
and
Virtualization
Business Architecture
Technical Architecture
Enhances productivity
Cisco Confidential
10
Agility
Control
Independence
Maximize productivity
by supporting Anyone.
Anything, Anywhere,
Anytime
Value
Increase capabilities
and operational
excellence while
reducing costs
11
Increase ROI
Provide Reliability
Boost Productivity
12
Benefits of Cisco
Borderless Network
and Security Solutions
for Small and Midsize
Business Customers
BORDERLESS
NETWORK
SERVICES
BORDERLESS
NETWORK
SYSTEMS
BORDERLESS
INFRASTRUCTURE
Mobility:
Motion
Unified
Access
Wireless
Routing
Security:
TrustSec
App
Performance:
App Velocity
Next-Gen
WAN
Switching
Multimedia
Optimization:
Medianet
Campus
Core
Application
Networking/
Optimization
Security
14
Medianet
Transform Voice and Video Experiences
Context-Aware, Prioritized, HighQuality Voice and Video
No Resource Reservation,
Degraded Voice and Video
GLOBAL
BUSINESS,
WORLDWIDE
OFFICES
CEO
Meeting
M&A
Negotiation
Sports
Event
CEO
Meeting
M&A
Negotiation
Sports
Event
15
SP A
SP B
Shortest path
selected
No application
control
Wasted
bandwidth
SP C
SP
SP A
A
SP D
SP B
SP D
SP C
SP C
Real-time
Fastest Path
Scalable
SP
SP D
D
App Visibility
Embedded WAN
SP D
D
SP
Optimization
16
Cloud
Cloud
WAN
WAN
UCS-E
17
EnergyWise
Reducing Energy Costs
No Energy
Management
Annual
Energy Costs
$770,000
Countywide Office
Energy Management
COUNTY
OFFICES
10,000 PCs
Additional Energy
Managed
Policies
Nightly Shutdown Total Savings $150,000
$430,000
$280,000
18
Flexible
Centralized
Wired
VPN
DIVERSE
USERS, DEVICES,
DATA
Wireless
Complex, Multidimensional
Simple
19
TrustSec Technology
Next-Generation Security
Clear Data and Video
Streams in LAN
Encrypted, Tamper-Proof
Transactions
MALICIOUS
GUEST USER
20
MOBILE
EXECUTIVE
Acceptable
Use
Access
Control
Data Loss
Prevention
21
Cisco Confidential
22
Enable
Business Solutions
Enable
a Smart Network
Where Am I Now?
Architectural Assessments
IPv6 Services
Medianet Readiness
Assessment
Where Do I Start?
Network Services
Deployment
EnergyWise Services
TrustSec Services
Application Velocity Services
Video Experience Service
Professional
Professional and
and Technical
Technical Services
Services
from
from Cisco
Cisco and
and Our
Our Partners
Partners
Cisco Confidential
23
Go Borderless
The Borderless
Organization Needs a
Borderless Network
Architecture
Cisco Confidential
24
Where do I start?
1.
2.
3.
2.
3.
25
How to Address:
Market Transitions
Other Vendors
http://cisco.com/go/competitive
Cisco Confidential
27
Customer
Relevance
Systems
Architectural
Services
Solutions
and
&
Practices
Business
Models
Products
Technology
Integration
Cisco Confidential
28
groups that:
Understand
Three
key groups:
29
BDMs value:
Increased profitability
BDMs like to save money, but understand the value of investing to save:
30
This
costs
Cisco Confidential
31
TDMs value:
Simplicity
Security
and functionality
and availability
Adaptability
Meeting
business expectations
Determine
Determine
Show
32
This
Be
Provide
Cisco Confidential
33
Stability
Ability
Line of Business Managers need to meet immediate needs and adapt to new
ones:
Understand
Determine
Determine
Show
34
This
Avoid
35
36
Cisco Confidential
36
Cisco Confidential
37
Custom
er
Specific
Vertica
l
Segme
nt
Gener
ic
Product
Level of
Customization
Solution Pull
Require
an
Architectu
ral
Approa
ch
Degree of
Push
Integration
Commerc
Technical
Single
ial
Integrati
Product
Integratio
on Solution Selling: Is the
Source: McKinsey Marketing and Sales
Practice White Paper. April 2003.
n
Pain Worth the Gain?
Cisco Confidential
38
https://communities.cisco.com/community/partner
Cisco Capital
http://www.cisco.com/web/partners/sell/technology/borderless/transformative_networking.html
http://www.cisco.com/assets/sol/xarch/asd/index.html
Transformative Networking
http://cisco.com/go/competitive
http://www.cisco.com/go/ciscocapital
http://www.cisco.com/web/midsize/midsize_partners.html
Cisco Confidential
39
Module Summary
Summary
Cisco Confidential
41
A) ASA
B) MediaNet
C) IOS
D) TrustSec
Cisco Confidential
42
B) MediaNet
D) TrustSec
Cisco Confidential
43
Cisco Confidential
44
C) Increased profitability
D) New market expansion
Cisco Confidential
45
Cisco Confidential
46
Cisco
Borderless
Network
Routing
Solutions for
Partner
Engineers
Cisco Confidential
47
Module Objectives
Upon completion of this module, you will be able to:
Describe the Cisco Borderless Network Routing solutions for small and midsize customers
Describe the business benefits for small and midsize customers of adopting Cisco
Borderless Network Routing solutions
Identify the appropriate Borderless Network Routing solution to match customer needs
Articulate the value of Cisco Borderless Network Routing solutions over the competition
Describe technical considerations for Cisco Borderless Network Routing solutions for small
and midsize business customers
Describe plan, design and build considerations for Cisco Borderless Network Routing
solutions for small and midsize business customers
Cisco Confidential
48
Module Outline
The learning objectives will be covered in the following modules:
Cisco Confidential
49
Cisco Borderless
Network Routing
Solutions for Small
and Midsize
Business Customers
Customer Challenges
Increase ROI
Provide Reliability
Boost Productivity
51
SRP 500
Foundational and
managed
Data
Voice
ISR 800
Advanced network
features
ISR 1900
Competitive feature
set at compelling
prices
Data
Voice
Any Device
Industry-leading
modular routes
Innovative
Services
HD Video
VDI
Cisco Confidential
52
RV200 Series
RV0/RV320 Series
Performance, Wi-Fi
and Security
SRP500 Series
DSL Connectivity,
Embedded
Intelligence
53
Common Features
Key
Features:
Key
Competitive Messages
54
Features:
Cisco Confidential
55
Performance, Scalability,Availability
Intelligent Services
Converged Services
ISR 2900 Series
Entry-Level
ISR 800 Series
56
Security
U.C.
Data
IP Base
Ease of Ordering
Operational Simplicity
Services on Demand
57
Multi-core
Network Processor
Up to 5x performance
increase
NG DSP Modules
Module to module
communications
Packet prioritization
and shaping
EHWIC
GbE Ports
2x performance
increase
HWIC/WIC/VWIC/VI
C support natively
EPoE capable
Service Modules
USB
3x increase in service
module performance
Configurable power savings mode
802.11n Option 19xx
58
IP telephony with
SIP trunking
Video to any
device
Integrated video
assessment,
monitoring, and
troubleshooting
Wireless LAN
and WAN
services
Ensure
Business
Continuity
Fully Secure
Scalable VPN
services with data
protection
PCI compliance
solution
Zone-based
firewall
3G/4G wireless
WAN backup
Virtualized server
for local
application
hosting
Services
redundancy for
voice, video, and
data
Simplify
Operations
Optimize
Embedded WAN
optimization and
app visibility
Branch-in-a-Box
(service
integration)
Video
conferencing:
planned, ad hoc
Router integrated
rich-media
optimization for
VXI
On-demand
service delivery
with service
virtualization
Centralized
management
Energy efficiency
with slot-based
power controls
Cisco Confidential
59
Network and
Physical Security
Branch IT
Infrastructure and
Management
Wireless LAN
Controller (WLC)
Cisco Network
Analysis (NAM)
Collaboration
Services
Unified
Communications
Video Surveillance
Threat Defense
Application
Infrastructure
High-performance
Communication and
Collaboration
Secure, Protect,
Compliance
Compute Services
and Applications
Consolidate Branch
Applications, High
Performance
Cisco Unity
Express module
(voicemail, IVR)
Cisco Application
Extension Platform
(AXP)
NICE Voice
Recording (AXP)
Integrated Storage
System
SingleWire
Informacast (AXP)
Industry Standard
Virtualization
Windows Server
Industry
Applications
ICW Healthcare
Connector on AXP
Global Protocols
Skipware (AXP)
Cisco Confidential
60
Independent CPU
and Memory for
Hosting Services or
High Density
Interface Ports.
High Density
Rich-Media Voice
and Video DSP
Modules
EHWIC
ISM
SM
PVDM3
Internal Service
Module
Service
Module
Packet Voice/
Data Module
Cisco Confidential
61
62
Cisco Confidential
63
ISR G2 Warranties
No Technical Support
No Software Updates
Cisco Confidential
64
Secure Mobility
Secure Collaboration
ISR
3900
to provide
Family
Actionable Insight
Scalable Rich Media
Services
65
880
890
1 FE/ADSL
1 FE/xDSL
1 FE
1 GE
No
Yes
Yes
LAN Ports
PoE Support
4 ports
Optional .11n
2.4 GHz
2.4 GHz
2.4 and
5 GHz
Basic
Advanced
Advanced
Entry-level,
highly secure
Full featured,
highly secure
Voice with
survivability
WAN Ports
WAN Backup
Security
Positioning
Statement
collaboration
Unified wireless mobility
High
availability
Simplified
1
operations
Cisco Confidential
66
1941/W
1921
1 / or optional 802.11n
fixed wireless
WAN Ports
2 GE
2 GE
DSP Slots
2U
1U
Form Factor
full
Positioning Statement High performance,
featured
Flexible broadband
connectivity
67
2921
2911
2901
SM Slots
ISM Slots
EHWIC Slots
DSP Slots
WAN Ports
3 GE
(1 SFP)
3 GE
(1 SFP)
3 GE
2 GE
Form Factor
2RU
2RU
2RU
1RU
Positioning
Statement
Maximum
power
and
flexibility
Small
and
powerful
Cisco Confidential
68
3945
3925E
3925
SM Slots
ISM Slots
EHWIC Slots
DSP Slots
WAN Ports
4 GE
3 GE
4 GE
3 GE
Form Factor
3RU
3RU
3RU
3RU
Positioning
Statement
Density and
performance
69
35
Phones
50
Phones
100
Phones
2921
Multiple Services
3945
3925
2951
2911
2901
250
Phones
Extended Modular
Connectivity (EVM, ISM,
SM, WIC/VIC)
70
Benefits of Cisco
Routing Solutions
for Small and
Midsize Business
Customers
Accelerate growth by
integrating innovations into
the business process
bringing interactions faster
to the customer
Cisco Confidential
72
Infrastructure
Bottlenecks
Service
Inconsistency
Operational
Complexity
Inconsistent
Poor
Higher
cost of ownership
Lower
business efficiency
Application
Performance
Decreased
productivity
employee
workspace
experience
Limited
business
flexibility
Cisco Confidential
73
Video-Ready
Service Virtualization
Operational Excellence
Rich-media applications
Services On-Demand
Operational
High performance
Customized Applications
Greener technology
Application optimization
Cloud extension
Customer
Experience
Business
Innovation
Simplicity
Lowest TCO
Cisco Confidential
74
Cisco Confidential
75
IT Manager Concerns
Concerns:
Cisco Benefit:
Improve Capability
Reduce Downtime
76
Cisco Benefit:
Improve Operational
Processes and Efficiency
Improve Customer
Service
Cisco Confidential
77
Finance/CEO/Owner Concerns
Concerns:
Cisco Benefit:
Increase Profit
Make Intelligent
Investments
Cisco Confidential
78
79
80
Success Story
81
Success Story
Opresa
Cisco Solution
Business Results
Company-wide adoption of
retail ERP system supported
by secure Cisco Borderless
Network foundation
GSM connections for remote
locations
82
Competing With
Cisco Borderless
Network Routing
Solutions
Cisco Confidential
84
Cisco Confidential
85
View
of Technology
Win
of Business
Cisco offers products and services that help ensure simplified and
scalable business connectivity:
86
View
of Technology
Growth is thrust upon them; they are pressured to better serve more
customers, increasing customer interaction on the network
Win
of Business
87
View
of Technology
Win
of Business
88
Using Competitor
Considering
Competitor
Converting
Asserting
Establishing
Defending
Cisco Neutral
Cisco Friendly
Cisco Confidential
89
Convert Customers
Using Competitor, Considering Cisco
Converting
90
Asserting
Cisco Confidential
91
Establishing
92
Defending
Cisco Confidential
93
Does your network allow you to easily add new services or business applications ?
Does the network hinder your ability to implement new business priorities?
Are you able to scale your resources to all your remote locations?
Is your network borderless, providing secure anywhere, anytime, any-device
access? Can you network:
Provide protection from the premises to the cloud?
Optimize performance of applications anytime, anywhere?
Enable mobile users to securely and transparently connect from any location?
Help your organization reduce energy costs?
Cisco Confidential
94
http://www.cisco.com/go/vip
http://www.cisco.com/go/oip
Cisco Capital
http://www.cisco.com/en/US/partner/products/hw/routers/partner.html
http://cisco.com/go/router
http://www.cisco.com/go/ciscocapital
http://www.cisco.com/web/partners/downloads/partner/WWChannels/sales_marketing_resources/ctmp/quick_quote.pptx
Cisco Confidential
95
Technical
Considerations for
Cisco Borderless
Network Routing
Solutions
Cisco ISR G2
Cisco Confidential
97
Is redundancy required?
Cisco Confidential
98
CPU Load
Security requirements
99
Cisco Confidential
100
Security requirements
Compliance requirements
Connectivity
101
Cisco Confidential
102
Cisco Confidential
103
Cisco Confidential
104
Cisco Confidential
105
VPN ISM
3.3X
715
2.9X
715
2.6X
395
2.
8X
170
2.8X
170
170
60
60
65
2.6X
2.7X
215
215
245
150
80
1. Single stream of IPsec traffic with AES encryption is used for the throughput measurement
2. Performance numbers are captured @ NDR (No Drop Rate)
3. IMIX composition: 61% 90-byte, 24% 594-byte, 15% 1418-byte packets
Cisco Confidential
106
Plan
Design
Build
Feature
Requirements
Product Assessment
Determine
Function
Design
Deploy
Configure
Manage
Cisco Confidential
108
Planning
Plan
Feature
Requirements
Product
Assessment
Cisco Confidential
109
Prior to Cisco IOS Release 15.0, a software image was selected based
on the required feature set of the customer
Cisco Confidential
110
Licensing Overview
Since the introduction of Cisco IOS Software Release 15.0, the universal image contains all
packages and features in one image
Multiple technology package licenses can be installed and activated on the Cisco 1900,
2900 and 3900 series Integrated Services Router platforms
Features
IP Base
Data
Security
Unified Communications
111
Security
Cisco IOS Firewall,
SSL VPN, DMVPN, IPS,
GET VPN, IP sec etc.
Devices 1900,2900,3900
Unified Communications
CUBE, SRST, Voice Gateway,
CUCME, DSP, VXML etc.
Devices 2900,3900
IPBase
IPBase
BGP,
OSPF,
EIGRP,
ISIS,
BGP, OSPF, EIGRP, ISIS, RIP,
RIP, PBR,
PBR, IGMP,
IGMP, Multicast
Multicast
Default
image
for
Access
Routers
Default image for Access Routers
Devices:
Devices: 1900,
1900, 2900,
2900, 3900
3900
112
Cisco Universal IOS supports two images for each router platform:
Platform
Image Name
1905/1921/1941/1941W
c1900-universalk9-mz, c1900-universalk9_npe-mz
2901/2911/2921
c2900-universalk9-mz, c2900-universalk9_npe-mz
2951
c2951-universalk9-mz, c2951-universalk9_npe-mz
3925/3945
c3900-universalk9-mz, c3900-universalk9_npe-mz
Universalk9: Offers all the Cisco IOS features including strong payload cryptography
features such as IPSec VPN, SSL VPN, and Secure Unified Communications
Universalk9_npe: Does not support any strong crypto functionality such as payload
cryptography or secure voice designed for import into CIS countries
Cisco Confidential
113
Cisco Confidential
114
Cisco Confidential
115
Cisco Confidential
116
Cisco Confidential
117
Cisco Confidential
118
119
License Backup
Cisco Confidential
120
Cisco Confidential
121
Cisco Confidential
122
Licensing Verification
Cisco Confidential
123
Designing
Router Architecture
Router Role
Hierarchical Design
Design
Determine
Function
Design
Cisco Confidential
124
Router Architecture
Cisco Confidential
125
Role of a Router
Routers are required to reach hosts that are not in our local network
Cisco Confidential
126
Dynamic routing
Static
A network
Particularly
useful in small
networks
A network
topology change
requires a manual update
Routing
Particularly
useful in larger
networks
Routers
More
127
OSPF
Cisco Proprietary
Developed By IETF
Cisco Confidential
128
Inter-VLAN Routing
Cisco Confidential
129
Router with a trunk link and separate logical interface for each VLAN
Cisco Confidential
130
Cisco Confidential
131
Create sub-interfaces
for each VLAN
Cisco Confidential
132
Cisco Confidential
133
Cisco Confidential
134
Determine
performance
and capacity requirements
Determine
redundancy
requirements
Determine
if WAN connectivity
is to core or data center
Determine
Number
of users or ports
Cabling
Performance
Connectivity
Router
VLAN
switch uplinks
deployment
Additional
135
Cisco Confidential
136
Build
Cisco Configuration
Professional
CLI
Build
Deploy
Configure
Manage
Cisco Confidential
137
Cisco Confidential
138
Cisco Confidential
139
One-click
Fewer
Innovative
Configure
QoS
Troubleshooting
Basic
Hostname,DNS,
and DHCP
configurations
User
Dashboard,
basic troubleshooting,
and command line interface (CLI)
tool
Cisco Confidential
140
Commands
Administrators
Execution
privileges can be
controlled for security purposes
Command
prompts
Cisco Confidential
141
Cisco Confidential
142
Cisco Confidential
143
Additional Resources
Design Zone:
http://
www.cisco.com/en/US/partner/netsol/ns741/networking_solutions_program_home.html
http://www.cisco.com/en/US/partner/netsol/ns1063/networking_solutions_program_home.
html
http://cisco.com/go/ccna
Cisco Confidential
144
Summary
Module Summary
Small and midsize business customers are looking to their routing solution to provide
increased ROI, reliability, productivity and lower service and support costs
The Cisco Small and Midsize business router portfolio includes routers from the entry level
RV family all the way up to the ISR G2 family
Cisco routers help customers accelerate growth, transform the workspace experience and
provide a lower TCO
Cisco routers help all key stakeholders including IT departments, business managers and
CxOs, to meet their business needs
Router selection factors including: bandwidth and throughput, traffic type and needs, and
LAN and WAN connectivity options
With the introduction of Cisco IOS Software Release 15.0, the universal image contains all
packages and features in one image
Cisco Confidential
146
A) RV0 Series
B) RV100 Series
C) RV200 Series
D) RV500 Series
Cisco Confidential
147
A) RV0 Series
Cisco Confidential
148
A) 800 Series
B) 1900 Series
C) 2900 Series
D) 3900 Series
Cisco Confidential
149
C) 2900 Series
Cisco Confidential
150
Cisco Confidential
151
Cisco Confidential
152
Cisco Confidential
153
Cisco
Borderless
Network
Switching
Solutions for
Partner
Engineers
Cisco Confidential
154
Module Objectives
Upon completion of this module, you will be able to:
Describe the Cisco Borderless Network Switching solutions for small and midsize
customers
Describe the business benefits for small and midsize customers of adopting Cisco
Borderless Network Switching solutions
Identify the appropriate Borderless Network Switching solution to match customer needs
Articulate the value of Cisco Borderless Network Switching solutions over the competition
Describe technical considerations for Cisco Borderless Network Switching Solutions for
small and midsize business customers
Describe plan, design and build considerations for Cisco Borderless Network Switching
Solutions for small and midsize business customers
Cisco Confidential
155
Module Outline
Cisco Borderless Network Switching Solutions for Small and Midsize Business
Customers
Plan, Design, and Build Considerations for Cisco Borderless Network Switching
Solutions
Cisco Confidential
156
Cisco Borderless
Network Switching
Solutions for Small
and Midsize
Business Customers
Customer Challenges
Increase ROI
Provide Reliability
Boost Productivity
158
Affordable and
easy to use
Foundational, smart
and managed
Data
Voice
500 Series
Catalyst 2960
Stackable with
advanced network
features
Competitive feature
set at compelling
prices
Data
Voice
Any Device
Catalyst
3560-X, 3750-X
Industry-leading
fixed switching
Innovative
Services
HD Video
VDI
Cisco Confidential
159
200 Series
Unmanaged
Smart
300 Series
500 Series
Managed
160
Managed Switch
General Approach
Quality of Service
Layer-2 Features
Management
Cisco Confidential
161
Port densities
Fanless designs
PoE support
163
Limited Lifetime Warranty on all 100, 200, 300 and 500 switches:
300
Terms may vary by theatre and may change over time, always refer to
cisco.com for the most up to date information
Cisco Confidential
164
Catalyst Switches
Business Continuity
Entry-Level
Catalyst 2K-X
LAN Lite
Converged
Services
Catalyst 2K-X
LAN Base
Intelligent
Services
Catalyst 3K-X
LAN Base
Evolves With
Your Business
Catalyst 3K-X
IP Base
Tailored to Meet
Business Needs
Catalyst 3K-X
IP Services
Borderless Security
Ease of Operations
Borderless Experience
Sustainability
Business Agility and Investment
Cisco Confidential
165
Enterprise / IP Services
Full Routing Protocols
Designed for distribution and core
Cost
IP Base
LAN Base
LAN Lite
Layer 2
PoE
Basic QoS
Basic Security
Layer 2+
PoE/PoE+
Flex Stack
Advanced QoS
Advanced Security
167
Unified Policy
Unified Services
Consistent Borderless
Services
Cisco Identity
Services Engine (ISE)
TrustSec
EnergyWise
Medianet
Cisco Confidential
168
Cisco Confidential
169
Auto SmartPort
Plug and Play
for End Devices
Anomaly Detected
Proactive diagnostics
Alert created in real-time
Web-based reports
Routed to correct TAC team
Remediation initiated
Director
Switches
Cisco Confidential
170
171
Centralized
Management:
Consistent enforcement
Benefits:
172
Temperature
Phone
WLAN
Lights
PC
Battery
Cisco Confidential
174
Cisco Confidential
175
Product Warranty
Cisco Confidential
176
Duration of
Coverage
Not included
10 business days
On-site Support
No
No
Cisco Confidential
177
Multi-Layer Switching
Exceptional Stacking
Capability
Catalyst
to3850
provide
Family
Actionable Insight
Wired and Wireless
Convergence
178
GIGABIT ETHERNET
SCALABLE
Catalyst 2960
Catalyst 2960-SF
Catalyst 2960-S
Catalyst 2960-X / XR
1G Uplinks
PoE
LLW
1G Uplinks
PoE/ PoE+
FlexStack
E-LLW
1G/10G Uplinks
PoE/PoE+
FlexStack
E-LLW
1G/10G Uplinks
PoE/PoE+
FlexStack+
E-LLW
Stackable
Enhanced Networking
Entry Level
Cisco Confidential
179
OPERATIONAL SIMPLICITY
Limited Lifetime Warranty
2 Software Options: LAN
Base and LAN Lite models
Smart Ports
10/100 Ports
Full PoE
2x1G uplinks
Low power consumption
EASE-OF-USE
20M
PORTS
500K+
UNITS
ENERGY
EFFICIENCY
LOWER
TCO
180
OPERATIONAL SIMPLICITY
181
OPERATIONAL SIMPLICITY
100/100/1000 Ports
FlexStack up to 20GB
PoE on all 48 ports
PoE+ support
10G uplinks available
182
OPERATIONAL SIMPLICITY
Enhanced Limited Lifetime
Warranty
Universal IOS Image
183
OPERATIONAL SIMPLICITY
Enhanced Limited Lifetime
Warranty
1 Software Option: IOS IP
Lite
Auto Smart Ports
184
Cisco FlexStack
Consists
FlexStack
FlexStack
Supports
40 Gbps of throughput
Stacking
of up to four switches
Provides
Cisco Confidential
185
2960-X
2960-X
New
2960-X
2960-X
New
2960-S
2960-S
Existing
2960-SF
2960-SF
Existing
Cisco Confidential
186
FlexStack Module:
Cisco Confidential
187
Catalyst 3560 v2
Catalyst 3560-X
Catalyst 3750 v2
Catalyst 3750-X
Data or PoE
Fixed 1G Uplinks
Single PS
LLW
Data / PoE(+)
Modular 1G/10G
Dual PS
E-LLW
Data or PoE
StackWise
Fixed 1G Uplinks
Single PS
LLW
Data / PoE(+)
StackWise Plus
StackPower
Modular 1G/10G
Dual PS
E-LLW
Gigabit Ethernet
Fast Ethernet
LAN Base
IP Base
IP Services
Gigabit Ethernet
Fast Ethernet
Aggregation Switch
Service Module
C3KX-NM-1G C3KX-NM-10G
C3KX-NM-10GT
C3KX-SM-10G
WS-C3750X-12S-S WS-C3750X-24S-S
WS-C3750X-12S-E WS-C3750X-24S-E
Cisco Confidential
188
Cisco Confidential
189
190
Enterprise-Class Services
Multilayer QoS
Cisco Confidential
191
Enterprise-Class Services
10/100/1000 ports
4 optional uplinks
192
Up to 50 APs
per stack
Full POE+
Granular
QoS/Flexible
NetFlow
480 Gbps
Stacking
Bandwidth
FRU Fans,
Power
Supplies
Stackpower
40 Gbps
Uplink
Bandwidth
I n t e g r a t e d W i r e d a n d W i r e l e s s Ac c e s s
Cisco Confidential
193
Universal
60W of Power
Uses standard RJ45 connectors and
Category 5e or higher cabling
Resilient
EEE
UPOE Budget
24-ports
StackPower
48-ports
24
(full UPOE)
Up to 30
Required power
1100W and
Two 1100W
194
Operational Simplicity
High performance
Custom Hardware for NetFlow monitoring
No impact on packet forwarding performance & latency
C3KX-SM-10G
Flexibility
User-defined flow records reusable in different flow monitors for different applications
Supports Flexible NetFlow version 9
Cisco Confidential
195
StackWise
Cables
Cisco Confidential
196
197
OPERATIONAL SIMPLICITY
Zero-touch deployment
Auto Smart Ports
Enhanced Limited Lifetime
Warranty
QUIET
(FANLESS)
EXTEND THE
CISCO
NETWORK
FULL-SIZE
CAPABILITIES
LOWER
TCO
198
3560-C Portfolio
2960-C Portfolio
IP Base
8 and 12 port FE
Data or PoE+
2 x 1G Uplinks
E- LLW
IP Base
8 port GE
Data or PoE+
2 x 1G Uplinks
E- LLW
LAN Base
8 and 12 port FE
Data or PoE
2 x 1G Uplinks
E- LLW
Fast Ethernet
Gigabit Ethernet
Fast Ethernet
LAN Base
8 port GE
Data Only
2 x 1G Uplinks
E- LLW
Gigabit Ethernet
WS-C2906CPD-8PT-L
Cisco Confidential
199
Benefits of Cisco
Switching
Solutions for
Small and Midsize
Business
Customers
Operational
Complexity
and Costs
Struggling to
Keep up
With Security
Network
Downtime
Is Expensive
Traffic Volume
and Bandwidth
Expanding
Cisco Confidential
201
families (2k/3k/4k)
Simplicity
Simplify
Deployments
Monitor &
Troubleshoot
Health monitoring
Deep dive L2/L3 with utilization tests, port & link tests,
Network
Optimization
Benefits
Simplified
Deployment &
Management
Reduces TCO
Zero TCO, PC
or Mac based
Complete
Coverage of
2K, 3K, and
4K Products
Cisco Confidential
202
Catalyst 2K, 3K
Error free deployment with Auto Smart Ports and
Smart Install
Simplify
Deployments
Improve
Manageability
problems
Automate
Troubleshooting
Benefits
Improved
Operational
Efficiencies
Reduced
Operating
Expenses
Lowered
Capital
Expenses
Cisco Confidential
203
Catalyst 2K, 3K
Measure
Power of
Various
Devices
Easy
Deployment
and
Management
Investing in
Technologys
Future
attached end-points
Easily managed with EnergyWise Orchestrator, CiscoWorks LMS
through IETF
Benefits
Comprehensive
Visibility Across
IT Devices
Lowers Opex
Via Intelligent
Policy Control
Driving Industry
Wide Change
Cisco Confidential
204
Meeting compliance
requirements (PCI, SOX, HIPPA)
Benefits
Eliminate Data
Snooping, Tampering
and Attacks
Catalyst 2K, 3K
Automatic collects device data and classifies
Protect Against
Malicious Behavior
Prevent Eavesdropping
With Link Layer
Encryption Management
and Policy
Comply With
Security
Regulations
devices
Authorizes network demands using specific
policies
compromised end-points
and uplinks
Effortless
Security Rollouts
Cisco Confidential
205
Network Resiliency
Customer Challenges
Enable self healing, highavailability capabilities with
StackWise and StackWise Plus
Catalyst 2K, 3K
Upgraded IOS versions and feature sets deliver
Proactive Management
Automate
Configuration
Benefits
Improved
Features and
Services
Greater Uptime
Lowered
Total Cost of
Ownership
Cisco Confidential
206
Catalyst 3K
Ensure Network
Readiness
Deployments
Provide Optimal
Experience
Benefits
Simplified/Rapid
Deployments
Simplify
Keep up with video growth while
delivering high quality of
experience
Monitor
and Troubleshoot
Scalable/
High Quality Video
self-configuration
Traffic identification and differentiated QoS
Prioritize Business Video traffic with Strict Priority
Queuing
Mediatrace for hop-by-hop analysis & Traffic Simulator
Easily Integrate
New Video
Applications
Cisco Confidential
207
Brand, experience
End-to-end solutions
Reliability, services
Future proof
Best of Breed
Bargain Buyers
Product to Position
All-in price
Low TCO, High ROI
Included support
Todays needs
Catalyst 3750-X
and 3560-X
Reasons to Purchase
Business agility and continuity
Deliver new services
Regulatory compliance
Lower complexity and costs
Energy management
Catalyst 2960-S/SF/X
100, 200, 300, 500
208
Reasons to Mitigate
Feature
Benefit
Medianet , Video
EnergyWise
TrustSec ,
Identity-Based Policy
Smart Operations
Borderless Network
Architecture
209
Reasons to Mitigate
Expanding volume and traffic
bandwidth requirements
Business innovation
Maximum business uptime
Pervasive security
Feature
Benefit
StackPower
PoE+
Medianet, Video,
EnergyWise
Smart Operations
210
Catalyst 2960-S
Fallback: 100, 200, 300, 500
Smart Foundation, SMARTnet, SPBase,
Small Business Support
Reasons to Mitigate
More for lessCisco value
Converged networks at affordable
price
Lowest TCO
Simplify operations
Feature
Benefit
Enhanced LLW
Lower TCO
Minimum downtime
FlexStack
Ease of management
Resiliency and performance
PoE
Smart Operations
211
Lower TCO
Comprehensive
Portfolio
212
Success Story
Council Rock School District
Cisco Solution
Business Results
Save costs
Energy consumption
reduced by 42.7% (US $5.3
million savings)
Cisco EnergyWise
expected to bring
US$85,000 energy savings
Network uptime increased
from 67% to over 99.9%
Our Energy conservation project has had an outstanding impact on our district,
not just the school, but the community as well.
Matthew Fredricksen, Director of Information Technology, Council Rock School District
Cisco Confidential
213
Competing With
Cisco Borderless
Network Switching
Solutions
Operations
Mobility
Business
Challenges
Video
Technology
Enablers
Access
Solutions
Security
High Availability
PoE Leadership
100 - 500, Catalyst 2K/3K
Cisco Confidential
216
Questions to consider
Is Supporting Secure Business Communications A Priority?
Can You Implement A Scalable and Comprehensive Identity Solution?
Can Your Network Deliver Real-time Collaboration Experiences?
Are You Using Your Network to Reduce Your Energy Costs?
Is Your Network Ready for Current And Future Regulatory Requirements?
Do You Have an Always-on Resilient Network?
Can You Deploy Network Changes Based on Proven Design Guides ?
217
Quantifiable Savings
$$
May
Vary
EnergyWise
$1065
$20-45
* Note: Platform longevity savings are based on 3K-X platform; EnergyWise savings assume full PoE and mix of deployment scenarios. Details in notes
Cisco Confidential
218
Partner Benefits
Smart Install
Zero Touch
Deployments
and
Maintenance
Port ConfigurationApplied
QoSEnforced
SecurityEnforced
Anomaly Detected:
Proactive diagnostics
Alert created in real-time
Routed to correct TAC team
Remediation
Quickly Identify
and Resolve
Network Issues
Cisco Confidential
219
Partner Benefits
Smart Install
Smart Install
Zero Touch
Deployments
and
Maintenance
Port ConfigurationApplied
QoSEnforced
SecurityEnforced
Anomaly Detected:
Proactive diagnostics
Alert created in real-time
Routed to correct TAC team
Remediation
Quickly Identify
and Resolve
Network Issues
Focus on strategic,
higher value
services
Cost Savings
Provide better
customer
experience
220
EnergyWise: Enterprise-Wide
Energy Management Solution
63W Less!
Catalyst 2960-S
Other Vendor
221
Strategic Sell
Architectural play
Investment Protection
and Lower TCO
2
2
Tactical Sell
Highlight Cisco
advantages
Lower TCO
Full IPv6
Power Scalability
Business critical traffic
Overcome Competitive
Obstacles
Cisco Confidential
222
Strategic Sell
WHEN
HOW
Cisco Confidential
223
Tactical Sell
WHEN
HOW
224
Cisco Confidential
225
Technical
Considerations for
Cisco Borderless
Network Switching
Solutions
100 is nonmanaged
Full manageability
Full manageability
Cisco Confidential
227
Price, Performance
Managed
Cisco 300 Series
Managed Switches
Smart
Cisco 200 Series
Smart Switches
Unmanaged
Cisco 100 Series
Unmanaged Switches
Configured
from CCA,
TextView CLI, Built in
device configuration utility
Easy to configure with
multiple options
Stackable
Enhanced
QoS, security,
and availability
8- to 48-port 10/100 and 10- to
52-port 10/100/1000 models
PoE options
Simplified
Basic
QoS, security,
and availability
Simple, basic
web-managed interface
24-
Ready-to-use
5-
simplicity,
no device management
Zero configuration,
zero customization
No security or VLANs
Manage
228
200 Series
300 Series
500 Series
229
Business Continuity
Entry-Level
Catalyst 2K-X
LAN Lite
Converged
Services
Catalyst 2K-X
LAN Base
Intelligent
Services
Catalyst 3K-X
LAN Base
Evolves With
Your Business
Catalyst 3K-X
IP Base
Tailored to Meet
Business Needs
Catalyst 3K-X
IP Services
PoE Budget
Port Density
IOS Version
Essential Function
Business Agility and Investment
Cisco Confidential
230
Cisco Confidential
231
Cisco Confidential
232
Cisco Confidential
233
Cisco Confidential
234
Plan
Design
Build
Feature
Requirements
Product Assessment
Determine
Function
Design
Deploy
Configure
Manage
Cisco Confidential
236
Planning
Plan
Feature
Requirements
Product
Assessment
Cisco Confidential
237
Cost
IP Base
LAN Base
LAN Lite
Layer 2
PoE
Basic QoS
Basic Security
Layer 2+
PoE/PoE+
Flex Stack
Advanced QoS
Advanced Security
Feature Breadth
Cisco Confidential
238
LAN Base
IP Base
Layer 2+
Supports all Cisco Catalyst 2000 and Cisco Catalyst 3000 Layer 2 features, including hot standby
protocols
RIP, static and stub PIM, and EIGRP stub OSPF for
routed access
Layer 3
IP Services
Mobility
Manageability
Basic manageability
Security
QoS
Router and VLAN ACLs, private VLANs, complete identity and security; TrustSec SXP and IEEE
802.1AE capable in hardware
Support for all Cisco Catalyst 2000 and Cisco Catalyst 3000 QoS features, including per-VLAN
policies
Cisco Confidential
239
Available at:
http://tools.cisco.com/Support/Fusion
/ FusionHome.do
Cisco Confidential
240
Designing
Layer-2
Layer-3
Spanning Tree
HSRP
VLAN
QoS
NetFlow
802.1x
Design
Determine
Function
Design
Cisco Confidential
241
Builds its MAC address table by analyzing the source MAC address as frames come in the switch, the
destination is then found in the MAC address table or the frame is flooded out all ports except the
originating port if no entry is found in the table
Broadcast and Multicast are flooded out all ports except the originating port
Cisco Confidential
242
Has the ability to make forwarding decisions based not only on Layer-2
information but also on Layer-3 and above
Provide a very high speed, low latency method of transporting traffic from one
VLAN to another
Cisco Confidential
243
Cisco Confidential
244
Configure parameters: PortFast, Uplink Fast, Backbone Fast, and BPDU Guard
Cisco Confidential
245
Cisco Confidential
246
247
Use VLANs to separate Voice, Data, Video and Management traffic so that each VLANs traffic is kept
separated from another
When possible use a L3 switch to provide a high speed, low latency path between VLANs
Communication paths between devices should have the least amount of latency possible
Cisco Confidential
248
incorrect VLAN-type
security violations
Cisco Confidential
249
LLDP:
Cisco Confidential
250
The major types of traffic to consider are Voice, Video and Data
Use the AutoQoS feature when possible to expedite the setup and deployment
Cisco Confidential
251
Switch Port Analyzer (SPAN) is used to monitor local switch network traffic as well as assist in troubleshooting issues on
the local network
Remote SPAN (RSPAN) is used to monitor source ports from remote switches, all monitored traffic is directed back to the
same mirrored port for centralized collection and analysis
A collection device must be connected to a mirrored port, have protocol analysis software, like Wireshark, and be
enabled to receive all frames
If SPAN is not enabled the protocol analyzer will only see traffic with a source or destination address of your local
machine
Cisco Confidential
252
Active Timeout
Inactive Timeout
Cisco Confidential
253
PoE+
Cisco Confidential
254
Cisco Confidential
255
Build
Embedded GUI
TextView
CLI
Cisco Prime
Build
Deploy
Configure
Manage
Cisco Confidential
256
Cisco Confidential
257
Cisco Confidential
258
Administrators type or paste entries into the Command line interface (CLI)
Cisco Confidential
259
Cisco Confidential
260
Additional Resources
261
Module Summary
Module Summary
The Catalyst series of switches provide a wide variety of port density, port speeds, form
factors and software feature sets
Cisco Small Business switches are designed for cost-conscious customers who are looking
to address their immediate and near future needs
While basic hardware considerations like speeds and feeds play a role in switch selection,
the true power of a switch is expressed in its operating system
The primary function of a layer-2 switch is to forward, filter and flood frames
Layer-3 switches combine the functionality of Layer-2, Layer-3 and Layer-4 into one single
device
TextView CLI provides a full CLI interface for configuring all product features
The Cisco Command line interface provides the most detailed method for administrators to
configure Cisco Catalyst Switches as well as many other Cisco products
Cisco Confidential
263
A) 100 Series
B) 200 Series
C) 300 Series
D) 500 Series
Cisco Confidential
264
C) 300 Series
D) 500 Series
Cisco Confidential
265
A) Cisco EtherStack
B) Cisco FlexStack
C) Cisco StackWise+
D) Cisco PowerStack
Cisco Confidential
266
C) Cisco StackWise+
Cisco Confidential
267
Cisco Confidential
268
Cisco
Borderless
Network
Wireless
Solutions for
Partner
Engineers
Cisco Confidential
269
Module Objectives
Upon completion of this module, you will be able to:
Describe the Cisco Borderless Network Wireless solutions for small and midsize customers
Describe the business benefits for small and midsize customers of adopting Cisco
Borderless Network Wireless solutions
Identify the appropriate Borderless Network Wireless solution to match customer needs
Articulate the value of Cisco Borderless Network Wireless solutions over the competition
Describe technical considerations for Cisco Borderless Network Wireless solutions for
small and midsize business customers
Describe plan, design, and build considerations for Cisco Borderless Network Wireless
solutions for small and midsize business customers
Cisco Confidential
270
Outline
The learning objectives will be covered in the following sections:
Cisco Confidential
271
Cisco Borderless
Network Wireless
Solutions for Small
and Midsize
Business Customers
Customer Challenges
Increase ROI
Provide Reliability
Boost Productivity
273
Centralized cloud
management
Cloud
Managed
Wireless
Entry Level
Small
Business APs
Advanced network
features
Aironet APs
Prime Network
Control
Enterprise wide
visibility and control
Wireless LAN
Controllers
Network
Management
Cisco Confidential
274
MR 16
General Purpose
MR 24
High Density,
Performance
MR 62, 66
275
Single Band
300 Series
Selectable Band
500 Series
276
1600
General Purpose
2600
High Density,
Performance
3600
Cisco Confidential
277
Cisco BandSelect
Cisco VideoStream
278
ClientLink 2.0
CleanAir Express
BandSelect
Wireless VideoStream
Cisco Confidential
279
Dual-band,
4
Supports
Extended
World-class
ClientLink 2.0
CleanAir Express
BandSelect
Wireless VideoStream
Cisco Confidential
280
802.11ac
Cisco CleanAir
281
282
Cisco Confidential
283
Autonomous AP
Cloud Managed
Common LAN & WLAN
Centralized
Premise-based
OS
LAN & WLAN feature
Controller
Controller at every
consistency
No Controller on
location
Optimized for campus
premises
Converged Access
Common LAN & WLAN
OS
Optimized for high
performance
Optimized for campus &
branch
deploymet
Optimized for
distributed enterprise
MR Access Points
Catalyst Switches
MS Switches
Centralized Controllers
MX Security
Catalyst Switches
Dashboard
Cisco Confidential
284
SRE WLC
Stand-alone
ISR-based
285
Cisco Confidential
286
ISM-300
WLC on SRE supports
between 5 and 50 APs.
Available for the new ISR G2 routers (1900, 2900, and 3900).
Comes on both the Internal Service Module and the Service Module.
287
5, 15, 25 AP
License
WLC 2500
ISM 700/900
Note: ISM-300
WLC on SRE will
only support a
total of 10 APs
Cisco Confidential
288
Benefits:
Simplifies management
Cisco Confidential
289
Benefits of Cisco
Wireless Solutions
for Small and
Midsize Business
Customers
291
292
293
Benefits
Scalability
Performance
OfficeExtend
294
Benefits
Simple, intuitive user interface eliminates complexity. Designed from the
ground-up with focus on workflow optimization.
Modularized interface supports user-defined customization to display only the
most relevant information.
Scalability
Wired Management
295
Customer
Experience
Workforce
Productivity
Efficiency &
Cost Reduction
How do I ensure
a consistent
experience?
How do I keep my
data secure
How do I
manage many
devices?
Cisco Confidential
296
Cisco Confidential
297
Competing With
Cisco Borderless
Network Wireless
Solutions
VideoStream
Award Winning
Design
Application Control &
Visibility
Bonjour Services
AnyConnect
What?
Where?
How?
When?
ISE
(Control)
Prime
(Visibility)
Cisco Confidential
299
IT Strategist Concerns
Audience
IT Strategist
Best of Breed
Bargain Buyer
Key Messages
Lower TCO: integration across wired & wireless, single support and
services structure, Cisco Validated Designs
Reduced operational expense through simplified network configuration
Seamless collaboration with guest access
Solutions ensure security and compliance
300
IT Strategist
Best of Breed
Bargain Buyer
Key Messages
Lower TCO: integration across wired & wireless, single support and
services structure, Cisco Validated Designs
Reduced operational expense through simplified network configuration
Seamless collaboration with guest access
Solutions ensure security and compliance
301
IT Strategist
Best of Breed
Bargain Buyer
Key Messages
Lower TCO: integration across wired & wireless, single support and
services structure, Cisco Validated Designs
Reduced operational expense through simplified network configuration
Seamless collaboration with guest access
Solutions ensure security and compliance
302
Cisco Confidential
303
Cisco Confidential
304
Cisco Confidential
305
Cisco Confidential
306
Cisco Confidential
307
Cisco Confidential
308
Technical
Considerations for
Cisco Borderless
Network Wireless
Solutions
Centralized cloud
management
Cloud
Managed
Deployment
Entry Level
Small Business
Standalone
Deployment
Advanced network
features
Prime Network
Control
Centralized
administration and
monitoring
Cisco Confidential
310
100 Series
300 Series
500 Series
b/g/n
a/b/g/n
a/b/g/n
2.4 GHz
2.4 or 5 GHz
Selectable or dual
concurrent 2.4/5 GHz
2x2:2
2x3:2
3x3:3
16
32
64 per radio
16
10/100
10/100/1000
10/100/1000
No
Yes
Yes
16
Product image
Wi-Fi standards
RF band
MIMO support
Cisco Confidential
311
700 Series
Small Business
1600 Series
Enterprise Class
2600 Series
Mission Critical
3600 Series
Best in Class
Small office
Small or midsize
company
Midsize or large
company
value-minded
customers looking to
modernize their
networks
Enterprise class
performance,
functionality, and
reliability at a
competitive price
AnyDevice/BYODoptimized
Client scalability
RF interference
mitigation
No
No
No
802.11ac or Cisco 3G
Small Cell modules
Product image
Ideal for
Application
performance profile
Future-proof
modularity
Cisco Confidential
312
700 Series
1600 Series
2600 Series
3600 Series
No
No
Yes
Yes
300 Mbps
300 Mbps
450 Mbps
1.3 Gbps
(with 802.11ac module)
2x2:2
3x3:2
3x4:3
4x4:3
100/na
ClientLink
Hardware-based
beam forming
Yes
Yes
Yes
CleanAir
No
CleanAir Express
CleanAir Express
Yes
VideoStream
Yes
Yes
Yes
Yes
BandSelect
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Crowded areas
Number of radios
Cisco Confidential
313
No configuration required
Module automatically scans all channels on 2.4 and 5
GHz bands
This
This module
module eliminates
eliminates the
the need
need for
for an
an extra
extra
cable
pull
and
additional
infrastructure
costs,
cable pull and additional infrastructure costs,
if
if full
full WIPS
WIPS scanning
scanning or
or CleanAir
CleanAir Spectrum
Spectrum
Analyses
Analyses is
is required
required
Cisco Confidential
314
This
This field-upgradable
field-upgradable IEEE
IEEE 802.11ac
802.11ac module
module
add-on
to
the
AP3600
allows
today
investment
add-on to the AP3600 allows today investment
protection
protection for
for this
this emerging
emerging WirelessWirelessStandard
Standard
Cisco Confidential
315
Supports
up to 75 access points
Provides
Supports
CleanAir
VideoStream
Application Visibility and Control
Wireless Intrusion Prevention System
Supports
316
Cisco Confidential
317
Features:
318
Plan
Design
Build
Feature
Requirements
Product Assessment
Determine
Function
Design
Deploy
Configure
Manage
Cisco Confidential
320
Planning
Plan
Feature
Requirements
Product
Assessment
Cisco Confidential
321
Controller-based
Autonomous
Standalone
gr
Up
P
ad e
ath
322
Cisco Prime
Infrastructure
Pervasive
Wireless
Coverage
Centralized
Control
Centralized
Visibility
Cisco Confidential
323
Good choice for customers who want entry level devices but
also want to preserve future options
Benefits of Deployment:
Cisco Confidential
324
Good choice for customers who want more sophisticated features and greater client
density than Aironet 700 series
Benefits of Deployment
325
Good choice for customers requiring a significant upgrade in bandwidth and client density
above the Aironet 1600 series
Benefits of Deployment:
Cisco Confidential
326
Benefits of Deployment:
Payment Card Industry (PCI) support enables certification for retail deployments
FlexConnect
ClientLink
VideoStream
CleanAir
Cisco Confidential
327
Entry to Mid level controller designed for small to midsize wireless network
Benefits of Deployment
Payment Card Industry (PCI) support enables certification for retail deployments
Support for advanced mobility technologies: FlexConnect, ClientLink, VideoStream, and CleanAir
Affordable, centralized control for up to 200 access points and 3000 clients
328
Benefits of Deployment:
Speed troubleshooting
Speed deployments
Minimize IT staffing
Easy-to-use tools, workflows, and automated best practices that simplify network management
329
Designing
Wireless Concepts
Deployment Mode
Wireless Topologies
Questions to Ask
Best Practices
Design
Determine
Function
Design
Cisco Confidential
330
Voice,
Ubiquitous
speed Voice,
Video, Data
mobile
computing
Video, Data
Email
Web browsing
802.11ac
1.3Gbps
802.11n
802.11ag
802.11b
600Mbps
54Mbps
11Mbps
Cisco Confidential
331
layer
WLANs
Current
transmission techniques
approximate behavior of a hub
Future
WLANS
332
Signal security
Cisco
ClientLink
Rogue Detection
CleanAir
Cisco Confidential
333
WLAN controller
Cisco Confidential
334
Autonomous Deployment
Cisco Confidential
335
336
SSID
Service Area
Roaming
VLAN support
Voice Support
Cisco Confidential
337
A single
Multiple
SSIDs
The
Guest
Clients
338
Ad hoc mode
point
Infrastructure mode
339
Channel 1
Cisco Confidential
340
Two or more
interconnected BSS that
share the same SSID
Channel 1
10
10
%
%
to
to
15
15
%
%
Channel 6
Cisco Confidential
341
Roaming without interruption requires the same SSID on all access points
Cisco Confidential
342
Client searches for another access point and sends reauthentication request
Cisco Confidential
343
VLANs propagate
across access points and
can be used in ESS
environments
Supports roaming
Cisco Confidential
344
VideoStream
345
Antenna Types
Directional:
Omni-directional:
Cisco Confidential
346
Build
Controller Management
Interface
Build
Deploy
Configure
Manage
Cisco Confidential
347
Cisco Confidential
348
AP Management Interface
Virtual Interface
Dynamic Interface(s)
349
Cisco Confidential
350
Cisco Confidential
351
Cisco Confidential
352
Cisco Confidential
353
Additional Resources
http://
www.cisco.com/en/US/netsol/ns741/networking_solutions_program_hom
e.html
http://
www.cisco.com/en/US/solutions/ns340/ns414/ns742/ns820/landing_ent
_mob_design.htm
http://
www.cisco.com/en/US/products/ps11630/products_tech_note09186a008
0b8450c.shtml
http://www.cisco.com/en/US/docs/wireless/controller/5500/tech_notes/Wi
reless_Software_Compatibility_Matrix.html
Cisco Confidential
354
Module Summary
Module Summary
The Cisco 700 series access point is a good fit for small business deployments,
while the 1600 and 2600 series are suitable for larger customers
Properly designed wireless LANs can provide access to end users from
anywhere in a campus environment
Cisco Confidential
356
A) 100 Series
B) 300 Series
C) 500 Series
D) 700 Series
Cisco Confidential
357
C) 500 Series
Cisco Confidential
358
A) Ad-Hoc Deployment
B) Autonomous Deployment
C) Controller-based Deployment
D) BSS Deployment
Cisco Confidential
359
C) Controller-based Deployment
Cisco Confidential
360
Cisco Confidential
361
Cisco Security
Solutions for
Partner
Engineers
Cisco Confidential
362
Module Objectives
Upon completion of this module, you will be able to:
Describe the Cisco Security solutions for small and midsize business customers
Describe the business benefits for small and midsize business customers of
adopting Cisco Security solutions
Describe technical considerations for Cisco Security solutions for small and
midsize business customers
Describe plan, design and build considerations for Cisco Security solutions for
small and midsize business customers
Cisco Confidential
363
Module Outline
The learning objectives will be covered in the following sections:
Cisco Confidential
364
Cisco Security
Solutions for Small
and Midsize
Business Customers
Customer Challenges
Increase ROI
Provide Reliability
Boost Productivity
366
Integrated with
routing
ASA 5500/5500-X
Appliance-based
AnyConnect
Client software,
secure VPN
End Device
Cisco has security software and appliances that scale up through the enterprise.
This module will focus on the portions of the portfolio that serve Small and Midsize
Business customers
Cisco Confidential
367
Easy Activation
IPS Network
Module
High Performance
Web Security
Connected
Expandable Services
Cisco Confidential
368
Software
Licenses for
Security
Services
Firewall
Content Security
Cisco Confidential
369
Hardware
Upgrades for
Maximum
Performance
370
Cloud-based
Security for
Maximum
Flexibility and
Coverage
371
Entry Level
5512-X
Small Office
5515-X
5525-X
Midsize Office
Web security
Remote access
Botnet protection
Cisco Confidential
372
Accelerated
Integrated
Services
Next-Gen
Services Ready
Cisco Confidential
373
HTTP
MSRPC
FTP
Scanner
N
nScan Array
Application visibility, including peer-topeer and social networking, and peruser control and reporting
Subscriptions:
Context-Aware Data Plane
374
Addressed By ASA CX
Block certain web site categories for everyone: Adult, Gambling, Hate Speech,
Illegal Activities and others as needed
Deny students but allow faculty access to the following web site categories:
Entertainment, Arts, Online Trading
Deny employees access to the following web site categories: Sports and
Recreation, Travel, Photo Search and Images
Deny users access to the following web site categories: File Transfer Services,
Freeware and Shareware, Illegal Downloads, Internet Telephony
Cisco Confidential
375
Addressed By ASA CX
You get a URL link in Facebook chat, saying Check out this cool video!. You
click the link. Web Reputation blocks that specific transaction, while allowing
general access to Facebook.
ASAs Botnet Traffic Filter detects and blocks all attempts to contact commandand-control centers / Botnet masters.
Cisco Confidential
376
Addressed By ASA CX
Bandwidth misuse
Employee productivity
Example Apps
Cisco Confidential
377
378
8 Ports of
10/100 Ethernet
Serial
Console
2 PoE Ports
Power
Supply
2 USB
2.0
ports
When to Position
Cisco Confidential
379
6 GE Cu,
6 GE Fiber
6 GE Cu
FW Throughput: 1 Gbps
IPS Throughput: 250 Mbps
VPN Throughput: 200 Mbps
Memory: 4 GB RAM
Supports Context Security
When to Position
Serial Console
Fan
2 USB 2.0 ports
Power
Supply
380
6 GE Cu,
6 GE Fiber
6 GE Cu
When to Position
Serial Console
Fan
2 USB 2.0 ports
Power
Supply
Cisco Confidential
381
Firewall Throughput
IPS Throughput
IPS
Content Security
Redundant
Power Supply
No
Cisco Confidential
382
Appliance
C000v
Virtual
Hosted
Hybrid
Cloud
Hybrid Cloud
Cloud
Fights spam, viruses, and blended threats for organizations of all sizes
383
Ready to plug-in and install in the right size for your environment
Cisco Confidential
384
Quicker deployments
Deployment flexibility
Model
Disk
Memory
Cores
C000v
200GB
4GB
ESX
ESX || ESXi
ESXi Hypervisor
Hypervisor
Cisco
Cisco UCS
UCS
Consolidation
Consolidation || Automation
Automation || Virtualization
Virtualization
Other
Other
Hardware
Hardware
Cisco Confidential
385
Email SaaS
Cisco Email Security Services
Providing industry-leading email security in
the cloud:
Inbound Hygiene:
Removes spam and
viruses
Outbound Control:
Apply DLP and
encryption policies
99.999% Uptime
99+% Spam catch rate
<1 in 1M false positives
100% known virus catch rate
Customer
Co-managed access
Capacity assurance
Cisco Confidential
386
Email SaaS
Inbound Hygiene:
Removes spam and
viruses
Customer
Cisco Confidential
387
Appliance
WSAV
Virtual
Hosted
Connectors
Cloud
Hybrid Cloud
Cloud
388
1000+ Applications,
150,000+ Microapplications
Policy Management
Actionable Reporting
DLP
*The Cisco ASA 5500-X with WSE requires a separate license for AVC.
Cisco Confidential
389
Plus
Cisco Confidential
390
Internet
Consistent policy,
Firewall
security, and reporting for all users
Single-box solution for faster
deployments, reduced complexity
Traditional
Appliances
Cisco Web
Firewall
Security Appliance
Web Proxy
Multiple Malware
Engines
Web Proxy
URL Filtering
AVC
URL Filtering
Integrates easily
into your existing
Cisco Policy
infrastructure
Management
Web Reputation
SIO Updates
Layer 4 Traffic
Monitoring
Reporting
SIEM/DLP/SOCKS/FTP
Policy Management
Reporting
Users
Users
Cisco Confidential
391
Firewall
Cisco Web
Security Virtual Appliance
Same capabilities as Web
Security Appliance, plus:
Self-service provisioning
Instant provisioning
UCS +
Simplification
Deployments
Response
Security
End Users
Cisco Confidential
392
Branch to enterprise
Reuses appliances
Eliminates desktop agent
Reduces vendors
Eliminates backhaul
Cisco AnyConnect
Direct to Cloud
Cisco WSA
Cisco ISR-G2
Cisco ASA
Cisco Confidential
393
Eliminate
Integrate
Eliminate
Cost-effective
Provide
First
WSA
DLP
ISR G2
Cisco
ASA
WS
A
394
Requirements compromises
Productivity or security
Demand
Security
Limited options
Client or clientless, TLS or DTLS, IPsec or SSL, etc.
Limited
Constant
Cisco Confidential
395
On-Premises
WSA
Cisco
Cloud
ASA
Redirect to Premises
or Cloud
Web
Security
Mobile User
Cisco AnyConnect Client
Acceptable use
policies
Malware threat
Always-on
protection
protection
Application usage
controls
396
Mobile User
Home Office
IPv6 support
Simplified connectivity
Wired
Cellular
and Wi-Fi
Wi-Fi
Cisco
ASA
Site to Site
Partner
HQ
Secure,
Consistent
Access
Corporate
HQ
EASmartcard SSO
Flexible deployment
397
Mobile
License
at Low Cost
Mobile
License
at Low Cost
Advanced
Endpoint
Assessment
License
Essentials License
At Low Cost
Basic
Remote Access
Connectivity
Premium License
Or
Posture Assessment
and Clientless
Flex License
398
Benefits of Cisco
Security Solutions
for Small and
Midsize Business
Customers
VPN
Network IPS
Router security
Cisco Confidential
400
SensorBase
Threat Operations
Center
Dynamic Updates
Comprehensive Threat
Intelligence
Researchers and
Automated Analysis
Cisco Confidential
401
1,000
Historical
35%
Benefits:
360
of vulnerabilities
and exploit technologies
Visibility
vehicles
Latest
402
Benefits:
600+
Engineers, technicians,
and researchers
Network
80+
Insight
Pen
Quality
Human-aided
Around-the-clock
and QC
95%
rule creation
403
updates
delivered to Cisco security
devices every 35 minutes
8M+
Benefits:
Reduces
exposure window
Minimizes
overhead
security management
Reputation
updates for
real-time protection
Cisco Confidential
404
Leading-Edge Security
Cisco IPS with Global Correlation
405
Best performance
Lowest TCO
Future focus
No ongoing administration
Low network impact
Built-in compliance
capabilities
Easiest to install and manage
Worlds leading email security
support
Fewest appliances required
Demonstrates financial
commitment to email
security investment and
innovation
Most flexible email security:
on-premise, in the cloud,
hybrid and virtual
Smarter and better
anticipation of threats
Best ability to scale threat
analysis as global data
explodes
Cisco Confidential
406
Security
Stability
Cisco Confidential
407
Extensive Support
Broad support for desktop and mobile client OSs and clientless browsers
Broad support for protocols and authentication methods
Broad support for security gateways (Cisco ASA, ASR, and ISR)
Security Focused
Enterprise Proven
408
Competing With
Cisco Security
Solutions
Solution
Products
Customer Benefit
Customer gains the most widely deployed remote-access solution with the
broadest support for platforms and protocols
Cisco Confidential
410
Solution
Products
Customer Benefit
Cisco Confidential
411
Customer Situation
Web Security (Provides always-on security functions for laptops and mobile devices)
Cisco Cloud Web
Security
Cisco Confidential
412
integration
Larger
HQ
Advanced proxy/bandwidth controls
Same
capabilities as WSA
planning initiatives
Remote offices without IT staff
Virtual/cloud/capacity
Many
investments
Backhaul or private network issues
Public Wi-Fi initiatives
WSA
WSA
vWSA
vWSA
CWS
CWS
Reusing
ISR G2 Connector
Reusing
ASA
ASA Connector
Connector
investments
Integrated web security and IPS
Many remote users
Cost
considerations
firewall
Network bandwidth controls
Next-generation
ASA 5500-X
5500-X Series
Series
Cisco Confidential
413
Customer Situation
Customer wants only simple VPN remote access. License is applied to Cisco ASA.
Premium
Customer needs clientless VPN browser-based access, desktop or mobile posture, or Suite B
cryptography, in addition to VPN remote access. License is applied to Cisco ASA.
Mobile
Customer wants to enable VPN remote access for mobile devices. License is in addition to the
Essentials or Premium license. Both licenses require application to Cisco ASA .
Advanced Endpoint
Assessment
Customer needs remediation capabilities. This license is an add-on to the Premium license.
Shared
Customer needs Premium licenses across multiple Cisco ASA devices to support many users.
Flex
Customer needs capability to temporarily burst on a day-to-day basis to the maximum number
of users supported by Cisco ASA.
Cisco Confidential
414
Business Challenge:
Mobile Workers
Situation
Technology-savvy mobile workers need
access on all their mobile devices anytime
and anywhere they are in the world.
Many mobile workers have a mix of corporate
and personally owned devices that they use
interchangeably to do their jobs.
This means that sometimes they need safe
clientless access from kiosks, loaner laptops,
or a home PC that does not have a client.
Wherever they are, mobile workers need safe
access to their corporate applications and
data from any device and through any
browser from any network worldwide.
Cisco Confidential
415
Business Challenge:
Mobile Workers
Questions
How can we help ensure that users are using only a single network
connection at a given time?
Cisco Confidential
416
Business Challenge:
Contractors and Partners
Situation
Companies regularly outsource functions to
partners or hire contractors for specific needs.
This process has become commonplace for
organizations of all types and sizes.
These individuals and organizations need
connectivity. Often they work remotely and are not
in a companys physical building, and they often
require connectivity through either a site-to-site
VPN or a remote-access solution connecting them
to one or more users.
Cisco Confidential
417
Business Challenge:
Contractors and Partners
Questions
Cisco Confidential
418
Business Challenge:
Risk-Averse Organizations
Situation
Some organizations have a low tolerance for risk due to
regulations, information policies, or the financial impact of a
security breach.
These organizations go beyond standard best security practices to
protect their networks, data, devices, and users from potential
threats.
They may be interested in protecting particular departments, users,
or devices to a greater degree.
Typical organizations that are risk averse include government
organizations and contractors, financial firms, and companies that
cannot accept a security breach.
Cisco Confidential
419
Business Challenge:
Risk-Averse Organizations
Questions
How can we help ensure that devices connecting to the network have the latest antivirus
updates and VPN client?
How can we help ensure that users connect only to corporate Wi-Fi networks?
How can we provide secure connectivity from each desktop on the LAN?
How do we help ensure that users are using a certificate for authentication?
Cisco Confidential
420
421
Technical
Considerations for
Cisco Security
Solutions
Integrated with
routing
ASA 5500/5500X
Appliance-based
Cisco
Web Security
Appliance-based,
content control
Cisco
Email Security
Appliance-based, data
loss prevention
AnyConnect
Client software,
secure VPN
End Device
Solution
Cisco Confidential
423
ASA 5555-X
(4 Gbps,50K cps)
ASA 5545-X
(3 Gbps,30K cps)
ASA 5525-X
(2 Gbps,20K cps)
ASA 5512-X
(1 Gbps, 10K cps)
ASA 5550
ASA 5515-X
(1.2 Gbps,15K cps)
ASA 5540
ASA 5520
ASA 5510
ASA 5510 +
ASA 5505
SOHO
Branch Office
Internet Edge
Campus
Enterprise
Cisco Confidential
424
ASA 5512-X
Multi-Gigabit performance:
1 Gbps Firewall
Throughput
ASA 5515-X
1.2 Gbps Firewall
Throughput
ASA 5525-X
2 Gbps Firewall
Throughput
Cisco Confidential
425
ASA 5525-X
ASA 5515-X
ASA 5512-X
2 Gbps Firewall
600 Mbps
FW+IPS
300 Mbps VPN
ASA 5520
ASA 5510+
ASA 5510
Cisco Confidential
426
4X memory
Services Supported
Botnet Protection
Real-time threat information for protection provide protection against complex threat
Cisco Confidential
427
Feature
ASA
5500-X
URL Filtering
Integrated IPS
Cisco Confidential
428
ASA 5515-X
ASA 5525-X
1 Gbps
1.2 Gbps
2 Gbps
500 Mbps
600 Mbps
1 Gbps
250 Mbps
400 Mbps
600 Mbps
VPN Throughput
200 Mbps
250 Mbps
300 Mbps
450,000
500,000
800,000
Connections (Max)
100,000
250,000
500,000
10,000
15,000
20,000
0/0
2/5
2/20
VLANs
50
100
200
No
A/S A/A
A/S A/A
250
250
750
250
250
750
10,25,50,100,250
10,25,50,100,250
10,25,50,100,250,500,750
Yes
Yes
Yes
64-bit
64-bit
64-bit
Cisco Confidential
429
ASA 5515-X
ASA 5525-X
Form-Factor
1 RU
19-in rack mountable
1 RU
19-in rack mountable
1 RU
19-in rack mountable
Rack-Mounting Options
Brackets included
(Slide rails optional)
Brackets included
(Slide rails optional)
Brackets included
(Slide rails optional)
13.39 lb
(6.07 kg)
13.39 lb
(6.07 kg)
14.92 lb
(6.77 kg)
CPU
Multi-core
enterprise-class
Multi-core
enterprise-class
Multi-core
enterprise-class
RAM
4 GB
8 GB
8 GB
Flash
4 GB
8 GB
8 GB
Dimensions (HxWxD)
Weight
12
12
14
Yes
Yes
Yes
6 GE Copper or
6 GE SFP SX,LH,LX
6 GE Copper or
6 GE SFP SX,LH,LX
6 GE Copper or
6 GE SFP SX,LH,LX
Console Port
Yes, RJ-45
Yes, RJ-45
Yes, RJ-45
Redundant power
No
No
No
No
No
Yes
AC, 400W
AC, 400W
AC, 400W
Power Supply
Cisco Confidential
430
ASA 5512-X
ASA 5515-X
ASA 5525-X
ASA 5545-X
ASA 5555-X
1 RU
Appliances
Cisco Confidential
431
8 GE ports
ASA 5512-X
ASA 5515-X
ASA 5525-X
ASA 5545-X
ASA 5555-X
Redundant Power
Supplies
1 Expansion Slot
6-port GE or 6-port SFP
Cisco Confidential
432
Plan
Design
Build
Feature
Requirements
Product Assessment
Determine
Function
Design
Deploy
Configure
Manage
Cisco Confidential
434
Planning
Plan
Feature
Requirements
Product
Assessment
Cisco Confidential
435
Base License:
Stateful
VPN
Firewall
Optional Licenses:
Application
Web
Security Essentials
Intrusion
Cloud
Web Security
Botnet
SSL
Traffic Filter
VPN
Cisco Confidential
436
Appliance
Virtual
Cisco ASA CX
Context Aware
Threat Aware
437
Cisco IPS
438
Signature
Twice a Week
Updates
IP packet fragmentation
TCP stream segmentation
RPC fragmentation
URL obfuscation
HTML evasion
FTP evasion
Cisco Vulnerability-Based
Signatures
OS
MSFT
Linux
Mac
Cisco
Applications
Databases
Web servers
P2P
Skype
H.223/5
MPLS
Apache
GRE
P2P
Cisco Confidential
439
Antimalware
Cisco ASA
Cisco Confidential
440
441
Designing
Design
Determine
Function
Design
Cisco Confidential
442
How comfortable are you with your ability to detect and respond to these
threats?
443
Activities
Cisco Confidential
444
Activities
Cisco Confidential
445
Activities
Cisco Confidential
446
Activities
Security Recommendations
Report
Cisco Confidential
447
Build
Build
Deploy
Configure
Manage
Cisco Confidential
448
449
Benefits
450
Offers real-time interpretation of log messages, with plain English explanations and
recommended actions for each log message
Cisco Confidential
451
VPN Administration
Centralized Policy
Administration
Centrally provision
policies for firewalls,
VPNs, and IPS
Device-based
Very scalable
IPS Manager
Policy inheritance
feature enables
consistent policies
across enterprise
Deployment Manager
Powerful device
grouping options
Policy-based
Map-based
VPN Manager
Firewall Administration
Configure policies for ASA,
Cisco PIX FW, FW SM and
Cisco IOS Software
Single rule table for all
platforms
Intelligent analysis of policies
Sophisticated rule table
editing
Configure remote-access
VPN, DMVPN, and Easy
VPN devices
IPS Administration
Automatic updates to
the IPS sensors
Support for outbreak
prevention services
452
453
Customizable views
Cisco Confidential
454
Additional Resources
Security
SAFE Design
http://www.cisco.com/go/safe
www.cisco.com/go/security
http://www.cisco.com/web/about/ciscoitatwork/network_systems/branch_office_network_design.html
Cisco on Cisco
http://www.cisco.com/go/ciscooncisco
Cisco Confidential
455
Module Summary
Summary
Cisco partners should consider the ISR G2 series and ASA 5500-X
series products as their primary solution for customer security solutions
across a broad spectrum of needs
The enterprise class hardware design of the ASA 5500-X series supports
superior performance with multiple services and provides superior
investment protection
The Cisco ASA Botnet Traffic Filter detects infected clients by tracking
rogue phone-home traffic and stops that traffic to protect the network
Cisco Confidential
457
A) Hardware-based Upgrades
B) Context Security
C) Gigabit Ethernet
D) Firewall, VPN and IPS Services
Cisco Confidential
458
B) Context Security
Cisco Confidential
459
A) Cisco Prime
B) Cisco Security Manager
C) ASDM
D) CCP
Cisco Confidential
460
C) ASDM
Cisco Confidential
461
Cisco Confidential
462
Course Summary
Course Summary
Cisco Borderless Network and Security solutions provide the best choice
for customers because they support an overall vision of how the network
needs to work together to address business needs
464
Cisco Confidential
465